Threat Post

WordPress Pop-Up Builder Plugin Flaw Plagues 200K Sites

The flaw could have let attackers send out custom newsletters and delete newsletter subscribers from 200,000 affected websites. Developers of a plugin, used by WordPress websites for building pop-up ...
Searchenginejournal.com

WordPress Popup Maker Vulnerability Affects Up To +700,000 Sites

A vulnerability was discovered in the “Popup Maker – Popup for opt-ins, lead gen, & more” WordPress plugin which is installed in over 700,000 websites. The Popup Maker plugin integrates with many of ...
Bleeping Computer

Wordpress Slick Popup Plugin Contains Vulnerable Support Backdoor

Hackers subscribed to WordPress websites running Slick Popup plugin can take over the website by enabling a backdoor administrator account with hardcoded credentials. The vulnerability is active at ...
Dark Reading

Nearly 7K WordPress Sites Compromised by Balada Injector

About 6,700 WordPress websites have been infected with the Balada Injector malware, after using a Popup Builder plug-in with a cross-site scripting (XSS) vulnerability tracked as CVE-2023-6000. The ...